Ransomware group releases decryptors for nearly 3,000 victims, forfeiting millions in payouts. [...]

An attacker with initial physical access (say, at a gym) could gain root entry to the interactive tablet, making for a bevy of remote attack scenarios. [...]

SolarMarker makers are using SEO poisoning, stuffing thousands of PDFs with tens of thousands of pages full of SEO keywords & links to redirect to the malware. [...]

Varied cloud infrastructure was used to phish email credentials, monitor for and forward finance-related messages and automate operations. [...]

Forcepoint’s Nico Fischbach, global CTO and VPE of SASE, and Chase Cunningham, chief strategy officer at Ericom Software, on using SASE to make Zero Trust real. [...]

Attackers could have used the bug to get read/write privileges for a victim user’s email, Teams chats, OneDrive, Sharepoint and loads of other services. [...]

An analysis of the campaign revealed Cyberium, an active Mirai-variant malware hosting site. [...]

Nearly all of the leaked data was for owners or wannabe owners of the automaker’s luxury brand of Audis, now at greater risk for phishing, ransomware or car theft. [...]

Purchase automation software delivered shortened URLs without protections. [...]

"We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote. [...]

CD Projekt Red confirmed that employee and game-related data appears to be floating around the cyber-underground, four months after a hack on the Witcher and Cyberpunk 2077 developer. [...]

There were more than 80 million login credentials for sale, used to inflict over $200 million in losses in the U.S. alone. [...]

The group, known for masquerading as various APT groups, is back with a spate of attacks on U.S. companies. [...]

Google has patched its Chrome browser, fixing one critical cache issue and a second bug being actively exploited in the wild. [...]

The desktop conferencing IoT gadget allows remote attackers to install all kinds of malware and move laterally to other parts of enterprise networks. [...]

Misconfigured dashboards are yet again at the heart of a widespread, ongoing cryptocurrency campaign squeezing Monero and Ethereum from Kubernetes clusters. [...]

Emerging malware is lurking in Steam profile images. [...]

A nameless malware resulted in a huge data heist of files, credentials, cookies and more that researchers found collected into a cloud database. [...]

Attackers accessed a VPN account that was no longer in use to freeze the company’s network in a ransomware attack whose repercussions are still vibrating. [...]

Researchers discovered a highly targeted malware campaign launched in April, in which a new, unknown threat actor used two of the vulnerabilities that Microsoft said are under active attack. [...]

Socially engineered BEC attacks using X-rated material spike 974 percent. [...]

Security teams should brace for an unsettling and unprecedented year, as we’re on pace to see 40 billion records compromised by the end of 2021. Imperva’s Terry Ray explains what security teams need to do to bolster their defenses. [...]

The tables have been turned, the FBI & DOJ said after announcing the use of blockchain technology to track down the contents of DarkSide's cryptocurrency wallet. [...]

“Siloscape”, the first malware to target Windows containers, breaks out of Kubernetes clusters to plant backdoors and raid nodes for credentials. [...]

The crooks pay top dollar for Google search results for the popular AnyDesk, Dropbox & Telegram apps that lead to a malicious, infostealer-packed website. [...]